|laziness, impatience, and hubris|
Secure upload without account in remote serverby wanradt (Scribe)
|on Dec 12, 2010 at 20:22 UTC||Need Help??|
wanradt has asked for the
wisdom of the Perl Monks concerning the following question:
I have problem which i have not found good solution.
There is three (Linux) users A, B and C who scan images to ~/images/scan
They should upload those pics to the remote server where they don't have accounts.
Therefor is user X, who has access to remote server, but who has no access to user's home directories.
So far i had the "remote server" in my LAN and i did not worry about plain text password too much. I made perl script, which runs with setgid and get by group rights credentials to local FTP-server but run with user's permission, so it had access to home directory trees.
Now i have "remote server" far away and wanted to work out something more secure and without passwords. scp with authorized keys seemed very good way for this.
So first i tried with Net::SCP, but if runned it with setuid in user X rights, it could access server, but not users Homes. And if runned it with setgid, it has access to local homes, but can't access remote server. Main problem: i did not get Net::SCP to use user X's identity files.
So i moved to Net::SCP::Expect, which should use identity files. Made such simple test script:
Error i got is EXACTLY such one
at /usr/share/perl5/Expect.pm line 759 not found
I have no power to understand, what this means. Seems like bug to me.
I just have no good ideas more. Maybe i just invent wheel here and some could suggest me something more simple?
I don't want loose presmissions to users, but they should get those pics uploaded in some secure way. Perl and CLI are prefferred